Combatting Cyberattacks

Planners must ensure that hacking prevention is part of event preparation.

By Boardroom editors

Since 2010, cyberattacks have caused more than a dozen hotel data breaches, with one of the most recent taking place last fall and targeting Hyatt Hotels Corp. It was the company’s second incident in just three years. A number of other hotel companies (including Kimpton Hotels, Four Seasons Hotels and Resorts, and Trump Hotels) last year also were affected by a data breach linked to third-party reservations provider Sabre Corp. (which processes reservations for about 100,000 hotels and 70 airlines). After the incident, Sabre worked with a cybersecurity firm and improved measures to protect customer data by ramping up security around access credentials.

This trend goes beyond hotel booking and into other sectors of the meetings space, affecting events themselves. It’s just as easy for cybercriminals to go after online registration systems and mobile apps. Sean Donahoo, CEO of Disruptive Solutions, which provides cybersecurity, told Skift recently that cybersecurity is one part of the planning process that the meetings industry is not taking seriously.

According to a 2017 IBM Security and Ponemon Institute study, the average total cost of a data breach is $3.62 million, which is reportedly increasing in the United States and Japan. In France and the United Kingdom, however, the costs are reportedly going down due to organisations’ response system.

With the E.U.’s General Data Protection Regulation (GDPR), event attendees receive some protection, as the privacy law calls for securing data and regulating how it’s shared with third-party organisations. But experts warn that to make meetings as secure as possible, companies must take additional preventive measures before they even collect data from attendees in apps and on registration forms.

Also, weak venue security may make a meeting an easy target, with hackers stealing data through Wi-Fi systems. The first step recommended here is the use of anti-virus software on devices and anti-malware. In addition to educating attendees about using stronger passwords, planners can take steps to help protect attendees’ data, such as updating virus protection and enabling a virtual private network (VPN) — as well as companies increasing measures within their own IT departments. This can help prevent attacks from many angles.